GITNUXREPORT 2026

Healthcare Data Breaches Statistics

Healthcare data breaches skyrocketed in 2023, hitting record highs for incidents and patients affected.

Rajesh Patel

Rajesh Patel

Team Lead & Senior Researcher with over 15 years of experience in market research and data analytics.

First published: Feb 13, 2026

Our Commitment to Accuracy

Rigorous fact-checking · Reputable sources · Regular updatesLearn more

Key Statistics

Statistic 1

In 2023, the US healthcare sector experienced 540 major data breaches reported to HHS, a 198% increase from 2022.

Statistic 2

From 2009 to 2023, HHS recorded 4,701 healthcare breaches affecting more than 319 million individuals.

Statistic 3

In Q1 2024 alone, 102 healthcare breach notifications were made, impacting 20.6 million records.

Statistic 4

Healthcare accounted for 21% of all data breaches in the Verizon 2023 DBIR across 16,312 incidents analyzed.

Statistic 5

2023 saw 3,481 healthcare ransomware attacks worldwide, per Sophos report on 50 countries.

Statistic 6

US hospitals reported 196 data breaches in 2023, up 150% from 2022.

Statistic 7

Between Jan-Jun 2023, 236 healthcare entities notified HHS of breaches.

Statistic 8

In 2022, healthcare breaches numbered 707, affecting 51.1 million people per HHS data.

Statistic 9

CrowdStrike 2023 report noted 300+ healthcare incidents in their global response.

Statistic 10

Ponemon 2023 survey found 83% of healthcare organizations experienced a data breach.

Statistic 11

145 healthcare breaches disclosed in California in 2023 under state law.

Statistic 12

UK NHS reported 1,424 cyber incidents in healthcare for 2022-2023.

Statistic 13

Australia’s OAIC logged 245 health data breaches in FY2022-23.

Statistic 14

EU healthcare sector had 512 GDPR breach notifications in 2023 per EDPB.

Statistic 15

Canadian healthcare saw 89 reportable breaches in 2023 via OPC.

Statistic 16

2023 IBM report: 98% of healthcare orgs had incidents, up from 88% prior year.

Statistic 17

HHS data: 91 breaches in Nov 2023 alone for healthcare.

Statistic 18

42 state AG offices tracked 250+ healthcare breaches in 2023.

Statistic 19

Mandiant M-Trends 2024: Healthcare median dwell time 16 days for breaches.

Statistic 20

176 hospital systems breached in 2023 per Black Book Research.

Statistic 21

Q4 2023: 180 healthcare breaches notified, per HIPAA Journal.

Statistic 22

2021-2023: 1,200+ US healthcare phishing-related breaches.

Statistic 23

Global healthcare incidents rose 45% YoY in 2023 per Cyble.

Statistic 24

65 Medicare/Medicaid breaches in 2023 affecting 10M+.

Statistic 25

2023: 312 breaches from unsecured PHI per HHS OCR.

Statistic 26

Healthcare represented 19% of 5,200 US breaches in 2023 per ITRC.

Statistic 27

94 breaches in Oct-Dec 2023 for US healthcare.

Statistic 28

2023 saw 400+ vendor-related healthcare breaches.

Statistic 29

EU-UK healthcare: 800+ incidents in 2023 per ENISA.

Statistic 30

2023: 250+ breaches in US behavioral health sector.

Statistic 31

Healthcare data breaches in 2023 were 84% hacking-related per HHS.

Statistic 32

IBM 2023: Phishing responsible for 16% of healthcare breaches.

Statistic 33

Ransomware attacks made up 45% of healthcare breaches in 2023, per Sophos.

Statistic 34

Verizon DBIR 2023: 29% of healthcare breaches from stolen credentials.

Statistic 35

2023 HHS: 47% of breaches due to hacking/IT incidents.

Statistic 36

Ponemon 2023: 67% of healthcare breaches involved malicious insiders or partners.

Statistic 37

CrowdStrike: Cloud misconfigs caused 23% of 2023 healthcare incidents.

Statistic 38

2023: 12% of breaches from unauthorized access to documents.

Statistic 39

Mandiant: 58% of healthcare ransomware via initial access brokers.

Statistic 40

Phishing emails led to 22% of healthcare incidents in Verizon 2023 DBIR.

Statistic 41

2023: 18% breaches from portable devices like laptops.

Statistic 42

IBM: Lost/stolen devices caused 19% of healthcare incidents.

Statistic 43

Sophos: 75% of healthcare ransomware via phishing or RDP.

Statistic 44

2023 HHS: 8% breaches from improper disposal of PHI.

Statistic 45

Third-party breaches: 44% of 2023 healthcare incidents per IBM.

Statistic 46

Exploit kits used in 15% of healthcare breaches 2023, Verizon.

Statistic 47

Email compromise: 32% of small healthcare org breaches.

Statistic 48

2023: 5% from physical theft of paper records.

Statistic 49

Supply chain attacks: 25% rise in healthcare 2023, Cyble.

Statistic 50

Unpatched vulnerabilities: 28% of healthcare entry points, per Ponemon.

Statistic 51

Insider errors: 24% of healthcare breaches 2023 IBM.

Statistic 52

DDoS as distraction in 12% of ransomware healthcare attacks.

Statistic 53

MFA bypass via social engineering in 18% incidents.

Statistic 54

API vulnerabilities exploited in 11% cloud healthcare breaches.

Statistic 55

2023: 3% from lost/stolen mailing PHI.

Statistic 56

Remote access tools abused in 35% healthcare ransomware.

Statistic 57

SQL injection in 7% web app healthcare breaches.

Statistic 58

Privilege escalation via misconfigs: 21% cases.

Statistic 59

2023 healthcare: 92% of breaches involved external actors.

Statistic 60

IBM Cost of a Data Breach 2023: Average $10.93 million for healthcare, highest of all sectors.

Statistic 61

Healthcare breach costs rose 53% from 2020 to 2023, reaching $10.93M average.

Statistic 62

Ponemon 2023: Detection and escalation costs $1.76M average in healthcare breaches.

Statistic 63

Lost business from breaches: $2.5M average for healthcare orgs in 2023.

Statistic 64

Ransomware breach average cost $4.88M in healthcare 2023 Sophos.

Statistic 65

HIPAA fines 2023: $6.85 million total for healthcare violations.

Statistic 66

Change Healthcare breach projected $1B+ recovery costs 2024.

Statistic 67

Average notification cost per breach: $350,000 in healthcare 2023.

Statistic 68

Post-breach customer churn: 25% higher costs in healthcare.

Statistic 69

2023 healthcare cyber insurance claims averaged $1.2M payout.

Statistic 70

Remediation costs: $3.2M average for large healthcare breaches.

Statistic 71

UK NHS cyberattack 2023 cost £8M direct, £100M indirect.

Statistic 72

2023 fines: Orlando Health $2.5M for PHI breach.

Statistic 73

Business disruption: 40% of healthcare orgs lost $1M+ revenue.

Statistic 74

Average legal fees post-breach: $1.4M in healthcare 2023.

Statistic 75

Cyber insurance premiums for healthcare up 120% in 2023.

Statistic 76

2023 total HIPAA penalties: Over $100M since 2009, healthcare dominant.

Statistic 77

Ransomware payment average $1.5M in healthcare, 60% paid.

Statistic 78

Patient lawsuits post-breach: Average settlement $500K per class action.

Statistic 79

EU GDPR fines healthcare: €50M average 2023.

Statistic 80

2023: $2.8M average for mega-breaches over 1M records.

Statistic 81

Incident response retainers: $500K upfront for healthcare.

Statistic 82

25% of healthcare orgs bankrupt risk post-breach.

Statistic 83

Australia health breach fines: AUD 2.5M max, 10 cases 2023.

Statistic 84

Cloud breach costs 15% higher: $12.7M avg healthcare.

Statistic 85

2023 training costs post-breach: $1M annual increase.

Statistic 86

Vendor breach indemnity claims: $300M in 2023 healthcare.

Statistic 87

Reputation damage: $1.9M lost value per healthcare breach.

Statistic 88

2023: 150% rise in healthcare cyber insurance denials.

Statistic 89

Average downtime cost: $8,300/minute for healthcare systems.

Statistic 90

Change Healthcare breach in Feb 2024 exposed records of up to 1/3 of Americans, estimated 100 million+ individuals.

Statistic 91

2023 largest breach: Komodo Health, 58.5 million records exposed.

Statistic 92

From 2009-2023, total US healthcare breaches exposed 319,190,689 individuals per HHS.

Statistic 93

Q1 2024: 41 million patient records compromised in healthcare breaches.

Statistic 94

2023 total: 112 million individuals affected by healthcare breaches, HHS data.

Statistic 95

Ascension Health breach Nov 2023: 5.6 million individuals notified.

Statistic 96

Kaiser Permanente 2023 breach: 13.4 million members' data exposed.

Statistic 97

2022: 51 million records exposed in 707 healthcare breaches.

Statistic 98

Synnovis UK breach Jun 2024: disrupted services for 1.4 million patients.

Statistic 99

Oregon HHS Feb 2024: 650,000 individuals' data stolen.

Statistic 100

Walgreens Q3 2023: 14 million customers' PHI compromised.

Statistic 101

Total 2023 exposures: 133 million from hacking/IT incidents alone.

Statistic 102

Medical imaging firm breach 2023: 6 million scans of 1 million patients leaked.

Statistic 103

2023: 22 million records from 145 California healthcare breaches.

Statistic 104

Ardent Health Nov 2023: 1 million hospital patients affected.

Statistic 105

PharMerica 2023: 5.8 million individuals' data breached.

Statistic 106

Total since 2009: 4,701 breaches impacting 319M, with 2023 highest at 112M.

Statistic 107

Q4 2023: 28.7 million records in healthcare breaches.

Statistic 108

Perry Johnson & Associates 2023: 9 million patient records exposed.

Statistic 109

Total hacking breaches 2023: 133M individuals.

Statistic 110

2024 YTD: 51.9 million records from 235 breaches.

Statistic 111

Mass General Brigham 2024: 761,000 patients' data stolen.

Statistic 112

2023 unauthorized access breaches: 8.4M records.

Statistic 113

UK ICO: 2023 healthcare breaches exposed 2.5M records.

Statistic 114

Australia health: FY23 1.2M records in 245 breaches.

Statistic 115

EU GDPR health: 2023 average breach size 45,000 records.

Statistic 116

2023 ransomware: 47M US healthcare records exposed.

Statistic 117

2023: 35 breaches exposed over 1M records each.

Statistic 118

Total PHI exposed 2023: SSN 17%, diagnosis 92%, per IBM.

Statistic 119

2023 improper disposal: 1.1M records exposed.

Statistic 120

Hacking/IT incidents 2023: 84% of breaches, 133M records.

Statistic 121

2023: 540 breaches, average 207,000 records per breach.

Statistic 122

Ransomware groups stole 25M healthcare records in 2023.

Statistic 123

2023 network server breaches: 68M records.

Statistic 124

Healthcare breaches increased 198% in 2023 vs 2022, HHS data.

Statistic 125

Data exposed doubled from 44M in 2022 to 112M in 2023.

Statistic 126

Ransomware in healthcare up 40% YoY through 2023.

Statistic 127

IBM predicts healthcare breach costs to hit $11.2M avg by 2024.

Statistic 128

2020-2023: Breaches grew 300% in healthcare sector.

Statistic 129

Q1-Q4 2023: Monthly breaches averaged 45, peaking at 91 in Nov.

Statistic 130

Post-COVID: Healthcare incidents up 55% since 2020.

Statistic 131

Verizon DBIR: Healthcare breach rate steady at 20% of total 2019-2023.

Statistic 132

2024 forecast: 600+ US healthcare breaches expected.

Statistic 133

Hacking incidents: 69% of breaches in 2022 to 84% in 2023.

Statistic 134

Cloud adoption drove 30% increase in misconfig breaches 2021-2023.

Statistic 135

2019-2023: Average records per breach tripled to 200K+.

Statistic 136

Ransomware dwell time down 50% to 16 days in 2023.

Statistic 137

Third-party risks: 25% to 44% of breaches 2020-2023 IBM.

Statistic 138

EU health breaches under GDPR up 20% annually 2021-2023.

Statistic 139

2023 vs 2022: 150% more hospital breaches reported.

Statistic 140

Ponemon: Breach frequency every 2 years to every 11 months 2020-2023.

Statistic 141

Australia NDB health scheme: Breaches doubled 2021-2023.

Statistic 142

UK healthcare cyber incidents: 1,000 to 1,424 from 2021-2023.

Statistic 143

2024 H1: Already 50% of 2023 breach total pace.

Statistic 144

Mega-breaches (>1M records): 18 in 2023 vs 8 in 2022.

Statistic 145

Phishing vector: 10% to 22% rise 2022-2023 Verizon.

Statistic 146

Costs up 10.1% YoY to $10.93M, projected 15% rise 2024.

Statistic 147

2009-2023: Breaches from 79 to 540 annually.

Statistic 148

Ransomware payments down 35% in 2023 but attacks up.

Statistic 149

Vendor breaches: 200% increase 2022-2023.

Statistic 150

Global healthcare threats expected 50% rise by 2025 ENISA.

Statistic 151

Detection time: 277 days avg 2022 to 204 days 2023.

Statistic 152

2023 peak summer breaches due to vacations.

Sources
Trusted by 500+ publications
Harvard Business ReviewThe GuardianFortune+497
Imagine a world where your most sensitive health information is exposed at a rate of over one million records per day—that's the staggering reality of healthcare data breaches, where a relentless cyber onslaught saw incidents skyrocket by 198% in 2023 alone.

Key Takeaways

  • In 2023, the US healthcare sector experienced 540 major data breaches reported to HHS, a 198% increase from 2022.
  • From 2009 to 2023, HHS recorded 4,701 healthcare breaches affecting more than 319 million individuals.
  • In Q1 2024 alone, 102 healthcare breach notifications were made, impacting 20.6 million records.
  • Change Healthcare breach in Feb 2024 exposed records of up to 1/3 of Americans, estimated 100 million+ individuals.
  • 2023 largest breach: Komodo Health, 58.5 million records exposed.
  • From 2009-2023, total US healthcare breaches exposed 319,190,689 individuals per HHS.
  • Healthcare data breaches in 2023 were 84% hacking-related per HHS.
  • IBM 2023: Phishing responsible for 16% of healthcare breaches.
  • Ransomware attacks made up 45% of healthcare breaches in 2023, per Sophos.
  • IBM Cost of a Data Breach 2023: Average $10.93 million for healthcare, highest of all sectors.
  • Healthcare breach costs rose 53% from 2020 to 2023, reaching $10.93M average.
  • Ponemon 2023: Detection and escalation costs $1.76M average in healthcare breaches.
  • Healthcare breaches increased 198% in 2023 vs 2022, HHS data.
  • Data exposed doubled from 44M in 2022 to 112M in 2023.
  • Ransomware in healthcare up 40% YoY through 2023.

Healthcare data breaches skyrocketed in 2023, hitting record highs for incidents and patients affected.

Breach Frequency and Counts

  • In 2023, the US healthcare sector experienced 540 major data breaches reported to HHS, a 198% increase from 2022.
  • From 2009 to 2023, HHS recorded 4,701 healthcare breaches affecting more than 319 million individuals.
  • In Q1 2024 alone, 102 healthcare breach notifications were made, impacting 20.6 million records.
  • Healthcare accounted for 21% of all data breaches in the Verizon 2023 DBIR across 16,312 incidents analyzed.
  • 2023 saw 3,481 healthcare ransomware attacks worldwide, per Sophos report on 50 countries.
  • US hospitals reported 196 data breaches in 2023, up 150% from 2022.
  • Between Jan-Jun 2023, 236 healthcare entities notified HHS of breaches.
  • In 2022, healthcare breaches numbered 707, affecting 51.1 million people per HHS data.
  • CrowdStrike 2023 report noted 300+ healthcare incidents in their global response.
  • Ponemon 2023 survey found 83% of healthcare organizations experienced a data breach.
  • 145 healthcare breaches disclosed in California in 2023 under state law.
  • UK NHS reported 1,424 cyber incidents in healthcare for 2022-2023.
  • Australia’s OAIC logged 245 health data breaches in FY2022-23.
  • EU healthcare sector had 512 GDPR breach notifications in 2023 per EDPB.
  • Canadian healthcare saw 89 reportable breaches in 2023 via OPC.
  • 2023 IBM report: 98% of healthcare orgs had incidents, up from 88% prior year.
  • HHS data: 91 breaches in Nov 2023 alone for healthcare.
  • 42 state AG offices tracked 250+ healthcare breaches in 2023.
  • Mandiant M-Trends 2024: Healthcare median dwell time 16 days for breaches.
  • 176 hospital systems breached in 2023 per Black Book Research.
  • Q4 2023: 180 healthcare breaches notified, per HIPAA Journal.
  • 2021-2023: 1,200+ US healthcare phishing-related breaches.
  • Global healthcare incidents rose 45% YoY in 2023 per Cyble.
  • 65 Medicare/Medicaid breaches in 2023 affecting 10M+.
  • 2023: 312 breaches from unsecured PHI per HHS OCR.
  • Healthcare represented 19% of 5,200 US breaches in 2023 per ITRC.
  • 94 breaches in Oct-Dec 2023 for US healthcare.
  • 2023 saw 400+ vendor-related healthcare breaches.
  • EU-UK healthcare: 800+ incidents in 2023 per ENISA.
  • 2023: 250+ breaches in US behavioral health sector.

Breach Frequency and Counts Interpretation

The statistics paint a grim portrait of healthcare cybersecurity, where protecting patient data seems less like a standard practice and more like a frantic game of Whac-A-Mole played against an army of increasingly aggressive hackers.

Common Attack Vectors

  • Healthcare data breaches in 2023 were 84% hacking-related per HHS.
  • IBM 2023: Phishing responsible for 16% of healthcare breaches.
  • Ransomware attacks made up 45% of healthcare breaches in 2023, per Sophos.
  • Verizon DBIR 2023: 29% of healthcare breaches from stolen credentials.
  • 2023 HHS: 47% of breaches due to hacking/IT incidents.
  • Ponemon 2023: 67% of healthcare breaches involved malicious insiders or partners.
  • CrowdStrike: Cloud misconfigs caused 23% of 2023 healthcare incidents.
  • 2023: 12% of breaches from unauthorized access to documents.
  • Mandiant: 58% of healthcare ransomware via initial access brokers.
  • Phishing emails led to 22% of healthcare incidents in Verizon 2023 DBIR.
  • 2023: 18% breaches from portable devices like laptops.
  • IBM: Lost/stolen devices caused 19% of healthcare incidents.
  • Sophos: 75% of healthcare ransomware via phishing or RDP.
  • 2023 HHS: 8% breaches from improper disposal of PHI.
  • Third-party breaches: 44% of 2023 healthcare incidents per IBM.
  • Exploit kits used in 15% of healthcare breaches 2023, Verizon.
  • Email compromise: 32% of small healthcare org breaches.
  • 2023: 5% from physical theft of paper records.
  • Supply chain attacks: 25% rise in healthcare 2023, Cyble.
  • Unpatched vulnerabilities: 28% of healthcare entry points, per Ponemon.
  • Insider errors: 24% of healthcare breaches 2023 IBM.
  • DDoS as distraction in 12% of ransomware healthcare attacks.
  • MFA bypass via social engineering in 18% incidents.
  • API vulnerabilities exploited in 11% cloud healthcare breaches.
  • 2023: 3% from lost/stolen mailing PHI.
  • Remote access tools abused in 35% healthcare ransomware.
  • SQL injection in 7% web app healthcare breaches.
  • Privilege escalation via misconfigs: 21% cases.
  • 2023 healthcare: 92% of breaches involved external actors.

Common Attack Vectors Interpretation

A healthcare system's digital doors are being battered down by a symphony of hackers, with ransomware as the lead instrument, insider errors as the backup singers, and stolen keys from phishing as the all-too-common ticket inside.

Economic and Financial Impacts

  • IBM Cost of a Data Breach 2023: Average $10.93 million for healthcare, highest of all sectors.
  • Healthcare breach costs rose 53% from 2020 to 2023, reaching $10.93M average.
  • Ponemon 2023: Detection and escalation costs $1.76M average in healthcare breaches.
  • Lost business from breaches: $2.5M average for healthcare orgs in 2023.
  • Ransomware breach average cost $4.88M in healthcare 2023 Sophos.
  • HIPAA fines 2023: $6.85 million total for healthcare violations.
  • Change Healthcare breach projected $1B+ recovery costs 2024.
  • Average notification cost per breach: $350,000 in healthcare 2023.
  • Post-breach customer churn: 25% higher costs in healthcare.
  • 2023 healthcare cyber insurance claims averaged $1.2M payout.
  • Remediation costs: $3.2M average for large healthcare breaches.
  • UK NHS cyberattack 2023 cost £8M direct, £100M indirect.
  • 2023 fines: Orlando Health $2.5M for PHI breach.
  • Business disruption: 40% of healthcare orgs lost $1M+ revenue.
  • Average legal fees post-breach: $1.4M in healthcare 2023.
  • Cyber insurance premiums for healthcare up 120% in 2023.
  • 2023 total HIPAA penalties: Over $100M since 2009, healthcare dominant.
  • Ransomware payment average $1.5M in healthcare, 60% paid.
  • Patient lawsuits post-breach: Average settlement $500K per class action.
  • EU GDPR fines healthcare: €50M average 2023.
  • 2023: $2.8M average for mega-breaches over 1M records.
  • Incident response retainers: $500K upfront for healthcare.
  • 25% of healthcare orgs bankrupt risk post-breach.
  • Australia health breach fines: AUD 2.5M max, 10 cases 2023.
  • Cloud breach costs 15% higher: $12.7M avg healthcare.
  • 2023 training costs post-breach: $1M annual increase.
  • Vendor breach indemnity claims: $300M in 2023 healthcare.
  • Reputation damage: $1.9M lost value per healthcare breach.
  • 2023: 150% rise in healthcare cyber insurance denials.
  • Average downtime cost: $8,300/minute for healthcare systems.

Economic and Financial Impacts Interpretation

If hospitals were paid by the breach instead of the procedure, they’d be rolling in dough, but since they’re not, these skyrocketing costs are bleeding the sector dry.

Scale of Data Exposure

  • Change Healthcare breach in Feb 2024 exposed records of up to 1/3 of Americans, estimated 100 million+ individuals.
  • 2023 largest breach: Komodo Health, 58.5 million records exposed.
  • From 2009-2023, total US healthcare breaches exposed 319,190,689 individuals per HHS.
  • Q1 2024: 41 million patient records compromised in healthcare breaches.
  • 2023 total: 112 million individuals affected by healthcare breaches, HHS data.
  • Ascension Health breach Nov 2023: 5.6 million individuals notified.
  • Kaiser Permanente 2023 breach: 13.4 million members' data exposed.
  • 2022: 51 million records exposed in 707 healthcare breaches.
  • Synnovis UK breach Jun 2024: disrupted services for 1.4 million patients.
  • Oregon HHS Feb 2024: 650,000 individuals' data stolen.
  • Walgreens Q3 2023: 14 million customers' PHI compromised.
  • Total 2023 exposures: 133 million from hacking/IT incidents alone.
  • Medical imaging firm breach 2023: 6 million scans of 1 million patients leaked.
  • 2023: 22 million records from 145 California healthcare breaches.
  • Ardent Health Nov 2023: 1 million hospital patients affected.
  • PharMerica 2023: 5.8 million individuals' data breached.
  • Total since 2009: 4,701 breaches impacting 319M, with 2023 highest at 112M.
  • Q4 2023: 28.7 million records in healthcare breaches.
  • Perry Johnson & Associates 2023: 9 million patient records exposed.
  • Total hacking breaches 2023: 133M individuals.
  • 2024 YTD: 51.9 million records from 235 breaches.
  • Mass General Brigham 2024: 761,000 patients' data stolen.
  • 2023 unauthorized access breaches: 8.4M records.
  • UK ICO: 2023 healthcare breaches exposed 2.5M records.
  • Australia health: FY23 1.2M records in 245 breaches.
  • EU GDPR health: 2023 average breach size 45,000 records.
  • 2023 ransomware: 47M US healthcare records exposed.
  • 2023: 35 breaches exposed over 1M records each.
  • Total PHI exposed 2023: SSN 17%, diagnosis 92%, per IBM.
  • 2023 improper disposal: 1.1M records exposed.
  • Hacking/IT incidents 2023: 84% of breaches, 133M records.
  • 2023: 540 breaches, average 207,000 records per breach.
  • Ransomware groups stole 25M healthcare records in 2023.
  • 2023 network server breaches: 68M records.

Scale of Data Exposure Interpretation

It is a statistical farce that in healthcare, our most closely guarded secrets are held more securely by our gossipy neighbors than by the servers entrusted with protecting a third of the nation's medical records.

Temporal Trends and Forecasts

  • Healthcare breaches increased 198% in 2023 vs 2022, HHS data.
  • Data exposed doubled from 44M in 2022 to 112M in 2023.
  • Ransomware in healthcare up 40% YoY through 2023.
  • IBM predicts healthcare breach costs to hit $11.2M avg by 2024.
  • 2020-2023: Breaches grew 300% in healthcare sector.
  • Q1-Q4 2023: Monthly breaches averaged 45, peaking at 91 in Nov.
  • Post-COVID: Healthcare incidents up 55% since 2020.
  • Verizon DBIR: Healthcare breach rate steady at 20% of total 2019-2023.
  • 2024 forecast: 600+ US healthcare breaches expected.
  • Hacking incidents: 69% of breaches in 2022 to 84% in 2023.
  • Cloud adoption drove 30% increase in misconfig breaches 2021-2023.
  • 2019-2023: Average records per breach tripled to 200K+.
  • Ransomware dwell time down 50% to 16 days in 2023.
  • Third-party risks: 25% to 44% of breaches 2020-2023 IBM.
  • EU health breaches under GDPR up 20% annually 2021-2023.
  • 2023 vs 2022: 150% more hospital breaches reported.
  • Ponemon: Breach frequency every 2 years to every 11 months 2020-2023.
  • Australia NDB health scheme: Breaches doubled 2021-2023.
  • UK healthcare cyber incidents: 1,000 to 1,424 from 2021-2023.
  • 2024 H1: Already 50% of 2023 breach total pace.
  • Mega-breaches (>1M records): 18 in 2023 vs 8 in 2022.
  • Phishing vector: 10% to 22% rise 2022-2023 Verizon.
  • Costs up 10.1% YoY to $10.93M, projected 15% rise 2024.
  • 2009-2023: Breaches from 79 to 540 annually.
  • Ransomware payments down 35% in 2023 but attacks up.
  • Vendor breaches: 200% increase 2022-2023.
  • Global healthcare threats expected 50% rise by 2025 ENISA.
  • Detection time: 277 days avg 2022 to 204 days 2023.
  • 2023 peak summer breaches due to vacations.

Temporal Trends and Forecasts Interpretation

We are witnessing a healthcare system hemorrhaging data at an alarming rate, where ransomware gangs have become more efficient than our own IT departments, and every cloud migration seems to open a new door for hackers to waltz right in.